First published: Wed Jan 27 2021(Updated: )
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an update to 3.13.0, unless the new feature was immediately configured.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Fibranet Monitorix | =3.13.0 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.